Rpm

How can I tell which GPG key an RPM package was signed with?

  • October 29, 2015

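The cryptographic signature of an RPM can be verified with the rpm -K command. If the signature is in RPM's database and is valid, this returns a string containing gpg (or pgp) and ending in OK.

If the package is not signed but the checksums are valid, you still get OK, but without gpg.

If the package is signed but the key is missing from the RPM database, you get (GPG) (in capital letters) and NOT OKAY, followed by (MISSING KEYS: GPG#deadbeef).

This is handy if I want to figure out which key I should find and install to make my package installation work.

But what if I want to verify which of the several keys in my RPM keyring was used to sign a given package?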

rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE} %{SIGPGP:pgpsig} %{SIGGPG:pgpsig}\n'

There is a Signature field listed by rpm -qpi package.rpm, for example:

[vagrant@vm-one ~]$ rpm -qpi puppet-3.7.4-1.el6.noarch.rpm
Name        : puppet
Version     : 3.7.4
Release     : 1.el6
Architecture: noarch
Install Date: (not installed)
Group       : System Environment/Base
Size        : 6532300
License     : ASL 2.0
Signature   : RSA/SHA512, Tue 27 Jan 2015 11:17:18 PM UTC, Key ID 1054b7a24bd6ec30
Source RPM  : puppet-3.7.4-1.el6.src.rpm
Build Date  : Mon 26 Jan 2015 11:48:15 PM UTC
Build Host  : tahoe.delivery.puppetlabs.net
Relocations : (not relocatable)
Vendor      : Puppet Labs
URL         : http://puppetlabs.com
Summary     : A network tool for managing many disparate systems
Description :
Puppet lets you centrally manage every important aspect of your system using a
cross-platform specification language that manages all the separate elements
normally aggregated in different files, like users, cron jobs, and hosts,
along with obviously discrete elements like packages, services, and files.
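
Added example, not part of the original answers: a small script that takes the Key ID from the Signature field shown above and finds the matching entry in the RPM keyring. It assumes keyring keys appear as gpg-pubkey packages whose VERSION is the last 8 hex digits of the key ID; the function names and the script name are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: map a package's signing Key ID to a key in the RPM keyring.

# Read `rpm -qpi` output on stdin and print the Key ID from the Signature
# field in lowercase. Returns 1 when no Key ID is present, for example an
# unsigned package that shows "Signature : (none)".
sig_keyid() {
    awk '/^Signature[ \t]*:/ {
             for (i = 1; i + 2 <= NF; i++)
                 if ($i == "Key" && $(i + 1) == "ID") {
                     print tolower($(i + 2)); found = 1
                 }
         }
         END { exit !found }'
}

# $1 = Key ID; stdin = keyring listing, one line per key in the form
#   gpg-pubkey-VERSION-RELEASE<TAB>SUMMARY
# Prints every entry whose VERSION equals the last 8 hex digits of the Key ID
# and returns 1 when none matches. An 8-digit suffix is not unique, so a hit
# is a candidate key to inspect, not proof of who signed the package.
match_pubkey() {
    short=$(printf '%s' "$1" | tr 'A-F' 'a-f' | tail -c 8)
    awk -F'\t' -v want="gpg-pubkey-$short-" '
        index($1, want) == 1 { print; hit = 1 }
        END { exit !hit }'
}

# Live use on a host with rpm installed: ./whichkey.sh package.rpm
if [ "$#" -eq 1 ]; then
    id=$(rpm -qpi "$1" | sig_keyid) || {
        echo "no signature Key ID found in $1" >&2; exit 1; }
    rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n' |
        match_pubkey "$id" || {
        echo "Key ID $id is not in the RPM keyring" >&2; exit 2; }
fi
```

For the puppet package above, the Key ID 1054b7a24bd6ec30 is looked up as gpg-pubkey-4bd6ec30-*; the SUMMARY column of the matching line names the key's owner.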

Quoted from: https://unix.stackexchange.com/questions/17368